MMaskMails.
Back to MaskMails

Privacy Policy

Last updated: June 2025

MaskMails is built on a single principle: we cannot leak data we never collect. This page explains exactly what happens — and what doesn't happen — when you use our service.

Zero Tracking

No analytics, no fingerprinting, no third-party scripts.

No Accounts

We never ask for a name, email, or phone number.

Auto-Delete

All messages are permanently destroyed after 1 hour.

1. Information We Collect

We collect nothing that identifies you as a person. Specifically:

  • No name, email address, phone number, or date of birth.
  • No payment information (the service is free).
  • No cookies that track you across sessions or across sites.
  • No IP address logs tied to email activity.

The only data stored is the temporary email inbox contents themselves — raw SMTP messages delivered to your generated address. These are stored transiently and never associated with your identity.

2. How Emails Are Stored

When an email arrives at a MaskMails address, it is stored in our database solely for delivery to your browser. The retention window is 1 hour from address creation. After expiry:

  • The email address is deactivated and new mail is rejected.
  • All stored message content is permanently deleted.
  • No backups or archives are kept.

3. Third-Party Services

MaskMails does not embed any third-party analytics (Google Analytics, Mixpanel, Segment, etc.), advertising networks, or social media widgets. The only external requests your browser makes are to Google Fonts to load our typefaces — a standard web practice. You can block this with a browser extension if you prefer locally-rendered fonts.

4. Cookies & Local Storage

We use browser localStorage (not cookies) to remember your theme preference (light/dark) and recent address history. This data never leaves your device and is never sent to our servers. You can clear it at any time by clearing your browser's site data.

5. SMTP Inbound Processing

Our mail server accepts inbound SMTP messages addressed to your generated mailbox. The sender's headers (From, Subject, Date) and body content are stored temporarily as described above. We do not read, process, or sell email content for any purpose other than displaying it to you.

6. Security

All traffic between your browser and MaskMails is encrypted via HTTPS/TLS. Our infrastructure runs on Cloudflare's global network, providing DDoS protection, WAF filtering, and edge-level security. We follow the principle of least privilege for all internal systems.

7. Children

MaskMails is not directed at children under 13. If you are under 13, please do not use this service.

8. Changes to This Policy

If we make material changes to this policy, we will update the "Last updated" date at the top of this page. Since we collect no contact information, we cannot notify you directly — we recommend checking this page occasionally if you use the service regularly.

9. Contact

Questions about privacy? Reach us at our contact page. We aim to respond within 48 hours.